<?php
require("../../class2.php");
require("library/api.php");
$dir         = $shop_settings["download_dir"];
$ordernummer = $tp->toDB($_GET["o"]);
$product_ID  = (int)$_GET["p"];
//
// Do a final check on the username and and purchase, then get the file name
//
if(!$sql->db_Select($e107shop_db_name['orders'], "*", "order_number='".$ordernummer."' AND theuser='".USERNAME."'")) {
    require(HEADERF);
    $ns->tablerender(lan_global_status, lan_e107shop_download_error);
    require(FOOTERF);
} else {
    //echo "something";
    $df = new db;
    $sql->db_Select($e107shop_db_name['downloads'], "*", "order_number='".$ordernummer."' AND productID=".$product_ID." and USERNAME='".USERNAME."'");
    while($row=$sql->db_Fetch()) {
        $df = $row["download_file"];
        //e107shop_get_product_field($_GET["p"], "download_file");
    }
    $file=$dir."/".$df;
    $file=str_replace("//", "/", $file);
    header("Content-type: application/force-download");
    header("Content-Transfer-Encoding: Binary");
    header("Content-length: ".filesize($file));
    header("Content-disposition: attachment; filename=\"".basename($file)."\"");
    readfile("$file");
}
